Spring cleaning

Author: nerdofcode

mysql_exec.php

@@ -0,0 +1,50 @@
+<!Doctype Html>
+<?php
+session_start();
+$status = $_SESSION['status'];
+if($status == "1"){
+	if($_SESSION['logged_in']=="1"){
+		echo "<p style=\"color:red;\"><b>You are already logged in!!!</b></p>";
+		$_SESSION['logged_in']="0";
+}}else if($status != "1"){
+        header("Location: /404.php");}
+?>
+<html>
+<head>
+<title>Admin Panel</title>
+<link rel="stylesheet" type="text/css" href="style.css">
+</head>
+<body>
+<h1 style="text-align: center;">Admin Panel</h1>
+<a href="logout.php">Logout</a><hr>
+<p>Below is version v.000001 of admin panel by NerdOfCode</p>
+<p>You can execute shell commands seperately from Mysql commands</p>
+<form action="" name="query" id="query" method="post">
+        DBNAM: &nbsp;&nbsp;&nbsp;<input type="text" id="mysql_get" name="mysql_get" placeholder="ex: custom" value="<?php echo $_SESSION[udb];?>"></input><br><br>
+	HOST : &ensp;&ensp;&ensp;<input type="text" id="host" name="host" placeholder="localhost" value="<?php echo $_SESSION['host'];?>"></input><br><br>
+	USER : &nbsp;&ensp;&ensp;&nbsp;<input type="text" id="username" name="username" value="<?php echo $_SESSION['mysql_user'];?>"></input><br><br>
+	PASS : &ensp;&nbsp;&ensp;&ensp;<input type="password" id="password" name="password" value="<?php echo $_SESSION['mysql_pass'];?>"></input></br><br>
+	QUERY: &ensp;&nbsp;&nbsp;<input type="text" id="myquery" name="myquery" placeholder="SELECT * FROM test;" value="<?php echo $_SESSION['query'];?>"></input><br><br>
+        <button type="Submit" value="Submit">Submit</button>
+
+</form>
+
+</body>
+
+<?php
+$udb=$_POST['mysql_get'];//Database
+$user=$_POST['username'];
+$pass=$_POST['password'];
+$query=$_POST['myquery'];//Commands
+$host=$_POST['host'];
+//Set all current values as session variables below
+$_SESSION['saved_info']="1";$_SESSION['udb']="$udb";$_SESSION['mysql_user']="$user";$_SESSION['mysql_pass']="$pass";$_SESSION['query']="$query";$_SESSION['host']="$host";
+$db = mysqli_connect($host,$user,$pass,$udb) or die("<p style=\"color:red;\"><b>Error: </b> connection to MySQL failed. Please re-enter information and try again.</p>");
+mysqli_query($db, $query) or die("Unable to access MYSQL");
+$result = mysqli_query($db, $query);
+$row = mysqli_fetch_array($result);
+$column=$row['password'];
+echo "<b>Query Result: $column</b><br>";
+$mysqli_close($db);
+?>
+</html>

options.php

@@ -8,6 +8,7 @@
 		$_SESSION['logged_in']="0";
 }}else if($status != "1"){
         header("Location: /404.php");}
+include "user.php";
 ?>
 <html>
 <head>
@@ -17,45 +18,12 @@
 <body>
 <h1 style="text-align: center;">Admin Panel</h1>
 <a href="logout.php">Logout</a><hr>
-<p>Below is version v.000001 of admin panel by NerdOfCode</p>
-<p>You can execute shell commands seperately from Mysql commands</p>
-<form action="" name="query" id="query" method="post">
-        SHELL: &nbsp;&nbsp;&ensp;&nbsp;&nbsp;<input type="text" id="query_box" name="query_box" placeholder="Ex: whoami"></input><br><br>
-        DBNAM: &nbsp;&nbsp;&nbsp;<input type="text" id="mysql_get" name="mysql_get" placeholder="ex: custom" value="<?php echo $_SESSION[udb];?>"></input><br><br>
-	HOST : &ensp;&ensp;&ensp;<input type="text" id="host" name="host" placeholder="localhost" value="<?php echo $_SESSION['host'];?>"></input><br><br>
-	USER : &nbsp;&ensp;&ensp;&nbsp;<input type="text" id="username" name="username" value="<?php echo $_SESSION['mysql_user'];?>"></input><br><br>
-	PASS : &ensp;&nbsp;&ensp;&ensp;<input type="password" id="password" name="password" value="<?php echo $_SESSION['mysql_pass'];?>"></input></br><br>
-	QUERY: &ensp;&nbsp;&nbsp;<input type="text" id="myquery" name="myquery" placeholder="SELECT * FROM test;" value="<?php echo $_SESSION['query'];?>"></input><br><br>
-        <button type="Submit" value="Submit">Submit</button>
-
-</form>
+<p>You are currently running version <?php echo $version; ?></p>
+<p>Below you will find shortcuts to a number of settings meant to replace SSH</p>
 
+<a href="shell.php"><p class="server">EXECUTE SHELL</p></a>
+<a href="mysql_exec.php"><p class="server">EXECUTE MYSQL</p></a>
 </body>
 
-<?php
-$udb=$_POST['mysql_get'];//Database
-$user=$_POST['user'];
-$pass=$_POST['pass'];
-$query=$_POST['myquery'];//Commands
-$host=$_POST['host'];
-//Set all current values as session variables below
-$_SESSION['saved_info']="1";$_SESSION['udb']="$udb";$_SESSION['mysql_user']="$user";$_SESSION['mysql_pass']="$pass";$_SESSION['query']="$query";$_SESSION['host']="$host";
-
-
-$db = mysqli_connect($host,$user,$pass,$udb) or die("<p style=\"color:red;\"><b>Error: </b> connection to MySQL failed. Please re-enter information and try again.</p>");
-mysqli_query($db, $query) or die("Unable to access MYSQL");
-$result = mysqli_query($db, $query);
-$row = mysqli_fetch_array($result);
-$column=$row['password'];
-echo "<b>Query Result: $column</b><br>";
-$mysqli_close($db);
-
-$cwd=getcwd();
-echo "<br>Current directory: $cwd<br>";
-$shell = $_POST['query_box'];
-$run = exec("$shell");
-echo "<br><b>Output: $run</b><br>";
-?>
-
 
 </html>

shell.php

@@ -0,0 +1,29 @@
+ <?php
+session_start();
+if($_SESSION['status']!="1"){
+	header("Location: /404.php");
+}
+?>
+<html>
+  <head>
+    <title>Admin Panel</title>
+    <link rel="stylesheet" type="text/css" href="style.css">
+  </head>
+  <body>
+    <h1 style="text-align:center;">Admin Panel</h1>
+    <a href="logout.php">Logout</a>&ensp;
+    <a href="options.php">Home</a><hr>
+
+    <form action="" name="query" id="query" method="post">
+    	SHELL: &nbsp;&nbsp;&ensp;&nbsp;&nbsp;<input type="text" id="query_box" name="query_box" placeholder="Ex: whoami"></input><br><br>   
+    	<button type="Submit" value="Submit">Submit</button>
+    </form>
+<?php
+$cwd=getcwd();
+echo "<br>Current directory: $cwd<br>";
+$shell = $_POST['query_box'];
+$run = exec("$shell");
+echo "<br><b>Output: $run</b><br>";
+?>  
+</body>
+</html>

style.css

@@ -0,0 +1,29 @@
+body {
+	background-color: #a89aff;;
+}
+
+#UID{
+	text-align: center;;
+}
+#passwd{
+	text-align: center;
+}
+.server{
+   font-weight: bold;
+   display: inline-block; 
+   background-color: #ffffff;
+   width: 100px;
+   height: 100px;
+   padding: 20px;
+   vertical-align: top;
+}
+.server:hover{
+  border-style: inset;
+  margin-top:10px;
+  cursor: pointer;
+  width: 150px; 
+  background-color: #9f9595;
+
+
+}
+